-
Notifications
You must be signed in to change notification settings - Fork 343
Regional Azure Authorities
Bogdan Gavril edited this page Mar 29, 2021
·
3 revisions
AAD is adding support for regional STS (ESTSR). Currently only S2S (client_credentials) flow and available via opt-in.
If you know the region - use it. If you don't know the region, MSAL can attempt auto-discovery. If this fails, the non-regional authority is used.
// if app knows the region, use it as MSAL cannot reliably detect it
string region = Config.Region ?? ConfidentialClientApplication.AttemptRegionDiscovery;
var cca = ConfidentialClientApplicationBuilder(client_id)
.WithAuthority(AzureCloud.PublicCloud, validateAuthority:false)
.WithRegion(region)
.Build();Regional authorities cannot be validated.
- Home
- Why use MSAL.NET
- Is MSAL.NET right for me
- Scenarios
- Register your app with AAD
- Client applications
- Acquiring tokens
- MSAL samples
- Known Issues
- AcquireTokenInteractive
- WAM - the Windows broker
- .NET Core
- Maui Docs
- Custom Browser
- Applying an AAD B2C policy
- Integrated Windows Authentication for domain or AAD joined machines
- Username / Password
- Device Code Flow for devices without a Web browser
- ADFS support
- Acquiring a token for the app
- Acquiring a token on behalf of a user in Web APIs
- Acquiring a token by authorization code in Web Apps
- High Availability
- Token cache serialization
- Logging
- Exceptions in MSAL
- Provide your own Httpclient and proxy
- Extensibility Points
- Clearing the cache
- Client Credentials Multi-Tenant guidance
- Performance perspectives
- Differences between ADAL.NET and MSAL.NET Apps
- PowerShell support
- Testing apps that use MSAL
- Experimental Features
- Proof of Possession (PoP) tokens
- Using in Azure functions
- Extract info from WWW-Authenticate headers
- SPA Authorization Code